[zeromq-dev] Proposal for ZeroMQ certificate format

Pieter Hintjens ph at imatix.com
Wed Oct 16 13:59:54 CEST 2013


On Wed, Oct 16, 2013 at 1:51 PM, T. Linden <tlinden at cpan.org> wrote:

> So, I don't think it makes a big difference if the fingerprint is 32 or
> 64 bytes long. No user in the real world would read it anyway. Usually a
> piece of software would do the job of fingerprint comparing.

If we agree on this as the use case, we can switch to SHA512 for the
fingerprint.

However I'm not convinced we can ignore manual verification. If I send
you my public key and then call you to check whether you got it, how
are you going to tell me what you got?

-Pieter



More information about the zeromq-dev mailing list